Security In GSM

Brief introduction to GSM-1

Global System for Mobile Communications-
:))GSM
According to a press release by the GSM ssociation
recently, there are more than747.5 million subscribers
in over 184 countries today by the time of September
2002, accounting for 71.2% of the World's digital
market and 69% of the World's wireless market. The
number of subscribers worldwide is expected to
.]surpass one billion by he end of 2003]7
GSM Architecture 1-1
GSM Security Model-2
 2-1The Purpose of GSM Security
The use of radio communications for transmission
to the mobile subscribers makes GSM Public
Land Mobile Networks )PLMN) particularly
sensitive to misuse of their resources by
unauthorized persons using manipulated Mobile
Stations, who try to impersonate authorized
subscribers and eavesdropping of the various
information, which are exchanged on the radio
. path
 2-1The Purpose of GSM Security
the security features in GSM PLMN is
: implemented to protect

. The access to the mobile services *

Any relevant item from being disclosed at *
the radio path, mainly in order to ensure
the
. privacy of user-related information
 2-2Security Features of GSM
Authentication of the registered subscribers only-
Secure data transfer through the use of-
encryption
Subscriber identity protection-
Mobile phones are inoperable without a SIM-
Duplicate SIM are not allowed on the network-
]Securely stored Ki. ]1
 Authentication of the registered 2-2-1
subscribers
The mobile station send IMSI to the network •
The network received the IMSI and found the •
.correspondent KI of that IMSI
The network generated a 128 bit random •
number )RAND) and sent it to the mobile station
.over the air interface
The MS calculates a SRES with the A3 algorithm •
using the given Challenge )RAND) and the
]KI residing in the SIM. ]1
 Authentication of the registered 2-2-1
subscribers
At the same time, the network calculates •
the SRES using the same algorithm and
the same
.inputs
,The MS sends the SRES to the network •
.The network test the SRES for validity •
Authentication of the registered 2-2-1
subscribers
 Encryption of the data 2-2-2
• A Generation of the cipher key KC :

GSM makes use of a ciphering key to protect both user data-

and signal on the vulnerable air interface. Once the user is
authenticated, the RAND )delivered from the network)
together with the KI )from the SIM) is sent through the A8
ciphering key generating algorithm, to produce a ciphering
key )KC). The A8 algorithm is stored on the SIM card. The KC
created by the A8 algorithm, is then used with the A5
.ciphering algorithm to encipher or decipher the data
 Encryption of the data 2-2-2
• A Generation of the cipher key KC :
Note that the session key is generated in the SIM card of the Mobil -
Station. And the network can use the same set of Ki, RAND and the
. same algorithm to generate the same key to decrypt the data
 Encryption of the data 2-2-2
• Encryption of the data :
Encrypted communication is initiated by a ciphering mode request -
command from the GSM
.network
Upon receipt of this command, the mobile station begins encryption -
. and decryption of data
Each frame in the over-the-air traffic is encrypted with a different key- -
. stream
The A5 algorithm is implemented in the hardware of the -
mobile phone, as it has to encrypt and
.decrypt data on the fly
Encryption of the data 2-2-2
 Subscriber identity protection 2-2-3
The IMSI is stored in the SIM card. To ensure -
.subscriber identity confidentiality
The TMSI is sent to the mobile station after the -
authentication and encryption procedures have taken
place
The mobile station responds by confirming reception of -
.the TMSI
The TMSI is valid in the location area in which it was -
.issued
For communications outside the location area the -
Location Area Identification )LAI) is necessary in
.addition to the TMS
 Smart card 2-2-4
The smart card is like a micro computer which has
.memory, cpu and operating system
By programming the rom, it can store the sensive
data with very high security leve. So it provides a
good way to store the Ki and IMSI and other
.sensitive user data
Problems with GSM Security -3
 Security by obscurity. which means that all of the
algorithms used are not available to the public.
 Only provides access security.
 network.
 Difficult to upgrade the cryptographic
mechanisms
 Lack of user visibility )e.g. doesn’t know if
encrypted or not)
 The flaw of the algorithms.